1 WatchGuard PRODUCT DATASHEET Firebox X Edge Strong firewall protection for small offices and telecommuters Built-in zero day attack prevention to stop new threats Continually updated security subscriptions provide up-to-the-minute protection Secure VPN services via IPSec, SSL, and PPTP protocols Upgradeable Global Intuitive management dramatically streamlines administration to protect your security investment team of security experts are there when you need them Earth-friendly technology Strong, Reliable Protection for Small Business Networks Small business networks need the same comprehensive protection that larger companies rely on, without the complexity. Now this can easily be achieved with the Firebox X Edge e-series firewall/vpn appliance from WatchGuard. The Firebox X Edge is a complete unified threat management (UTM) solution that blocks zero day attacks, spyware, viruses, trojans, spam, and blended threats to ensure that your data is safe. The easy-toconfigure branch office and VPN tunnels provide encrypted remote access to network resources, while its flexible networking features allow traffic and bandwidth prioritization for maximum efficiency and network performance. With its intuitive web-based user interface, the Edge is an excellent choice for businesses with limited IT resources, and comes in both wired and wireless models to meet your specific network requirements. Proactive Zero Day Attack Prevention The robust network protection provided by the Firebox X Edge is based on sophisticated proxy technologies. They supply built-in, proactive defenses to block many kinds of attacks including buffer overflows, DNS poisoning, DoS, and DDoS. This unique level of zero day protection is far superior to products that rely solely on packet filter and signature-based technology to stop known threats. It puts strong defenses in place from the moment you turn on your Firebox. Added Protection in Critical Attack Areas Powerful security subscriptions provide additional layers of network protection. Fully integrated on the Edge and continually updated, they work cooperatively with the built-in defenses for a complete unified threat management solution. spamblocker Blocks nearly 100% of unwanted and the malware it carries in real time, regardless of content, format, or language of the message WebBlocker Increases productivity and decreases security risks by blocking HTTP and HTTPS access to malicious or inappropriate web content Gateway AntiVirus/Intrusion Prevention Service Stops known spyware, trojans, viruses, and policy violations at the gateway Centralized Management for Multiple Appliances When you deploy multiple Edge appliances as endpoints on a Firebox X Peak or Core network, the Edge can be centrally managed using WatchGuard System Manager (WSM). WSM streamlines VPN and configuration management, allowing you to set unified security policies across the entire network, push appliance software updates to all managed Edges, and effortlessly create drag-and-drop VPN tunnels. WSM also provides comprehensive logging, flexible security policies, and real-time monitoring tools. Comprehensive Networking Capabilities Get the reliable, flexible networking options you need to ensure that your small business, remote offices, and branch offices are always secure and connected. Secure, Efficient Traffic Management Provide security for multiple external IP addresses Get support for Dynamic NAT, 1:1 NAT, and PAT Minimize network downtime with WAN failover to a secondary port or to a dial-up connection through the serial port Maximize connectivity with full VPN failover Dependable, Configurable Quality of Service (QoS) Set priorities to dynamically allocate bandwidth so mission-critical and time-sensitive traffic, such as VoIP, takes precedence over less-critical traffic Unmatched Ease of Use Firebox X Edge is managed with an intuitive webbased interface. Easy to set up and maintain, it reduces network administration time for the IT expert, while providing indispensable ease of use for novice administrators. Flexible Security models include an b/g wireless access point with WPA, WPA2, and WEP security options. Three distinct wireless security zones (VAPs) give administrators precise control over Internet access privileges for different user groups Protecting Your Security Investment As business needs grow, you can move up to the capacity and security features of a higher model in the line or add Edge Pro advanced appliance software by applying a simple software license key. That s it there s no additional hardware to buy.
2 Firebox X Edge Keep Your Small Business Network Secure and Connected Managing a small business network is challenging. With a host of malicious threats on the Internet, you need solid network protection that includes proactive attack prevention something a mere router cannot provide. Your solution needs to integrate multi-layered defenses that combat spam, spyware, viruses, and web-based exploits. Small businesses also have to deal with many of the concerns that large enterprises face, including the demands of multiple applications, high-volume traffic, and secure connectivity for remote users. If you re coping with typical small business resource constraints, you ll also want an affordable solution that has genuine ease of use, and can efficiently scale with your business as it grows. The solution: Firebox X Edge from WatchGuard designed to meet the needs of the small business network. Protect Your Network s Perimeter Extending the robust network security at your central office to branch offices and remote users shouldn t be a resource burden for your IT department. You need the same powerful protection at your network perimeter, while being able to manage the entire system from one central location. For maximum efficiency and cost-effectiveness, all components of your security solution must interoperate seamlessly, giving you the ability to set uniform security policies for the entire network that can be globally updated with a few mouse clicks. Meanwhile, the appliance at your branch office, whether wired or wireless, must have advanced networking features to guarantee that inter-office traffic and bandwidth are prioritized and managed. The solution: Firebox X Edge from WatchGuard the ideal solution for extending the power of your Firebox X Peak or Firebox X Core from the central office to your branch offices and remote users. TM Why choose the Firebox X Edge for your small business? Easy to set up and manage using an intuitive, web-based user interface. You don t have to be an IT expert to get up and running quickly Strong security out of the box, with smart default settings and configuration wizards to give you solid protection from day one Fully integrated anti-spam, anti-spyware, anti-virus, intrusion prevention, and URL filtering security subscriptions provide comprehensive unified threat management to keep your network safe Reliable, flexible networking options for the stand-alone office, including 1:1 NAT, Dynamic NAT, PAT, and multiple external IP support Traffic management and Quality of Service (QoS) capabilities to ensure that mission-critical traffic, such as VoIP, is prioritized over managed bandwidth Reduced network downtime with WAN failover capabilities in the event of a line disconnection to the primary WAN port security and guest services, allowing businesses to provide controlled Internet access to guest users without compromising security Secure access to critical network resources for off-site workers, using mobile IPSec and SSL VPN. Single sign-on provides easy user login Increase capacity and networking/security capabilities as your needs grow using a simple software license key no new hardware required Why choose the Firebox X Edge for your remote/branch offices? Centralized Unified threat management capabilities, including zero day protection, anti-spyware, anti-spam, anti-virus, intrusion prevention, and URL filtering deliver powerful, multi-layered defenses at the perimeter of your network configuration management provided by WatchGuard System Manager (WSM) on your Firebox X Peak or Core appliance dramatically streamlines administration of your remote/branch offices Secure your inter-office connectivity with easy-to-configure branch office VPN tunnels. With WSM, you can create drag-and-drop VPN tunnels in three simple steps, saving valuable setup and maintenance time Appliance software updates can be pushed to your remote Edge appliances with WSM so security policies are quickly and universally enforced, and appliance software is always current Advanced networking features on the Firebox X Edge include 1:1 NAT, Dynamic NAT, Port Address Translation (PAT), and multiple external IP support for reliable, flexible networking options QoS with dynamic traffic management ensures bandwidth is managed and that time-sensitive traffic, such as VoIP, is prioritized over less-critical traffic Accommodate network guests without compromising security guest services provide secure and controlled Internet access, using the wireless access point on the Edge appliance Remote users can connect securely using IPSec, SSL, or PPTP protocols
3 Firebox X Edge Specifications Firebox X10e Firebox X10e-W Firebox X20e Firebox X20e-W Firebox X55e Firebox X55e-W WG50010 WG50011 N. America WG50020 WG50021 N. America WG50055 WG50056 N. America WG50012 Int l WG50022 Int l WG50057 Int l WG50015 China WG50025 China WG50060 China WG50012-JP Japan WG50022-JP Japan WG50057-JP Japan Model Upgradeable to X20e or X55e to X20e-W or X55e-W to X55e to X55e-W N/A N/A Firewall Throughput 100 Mbps 100 Mbps 100 Mbps VPN Throughput 35 Mbps 35 Mbps 35 Mbps Gateway AntiVirus/IPS with anti-spyware Optional Optional Optional Spam Blocking with virus outbreak detection Optional Optional Optional URL Filtering for HTTP and HTTPS Optional Optional Optional Serial Ports Interfaces 10/ Security Zones (incl.) Concurrent Sessions 6,000 8,000 10,000 Nodes Supported (LAN IPs) 15 (upgradeable to 20) 30 Unlimited Branch Office VPN Tunnels Mobile VPN Tunnels - IPSec (incl/max) 1/11 5/25 5/55 Mobile VPN Tunnels - SSL (incl/max) 1/11 1/25 55/55 Mobile VPN Tunnels - PPTP (incl/max) 10/10 10/10 10/10 Local User Authentication DB Limit Edge Pro Advanced Appliance Software* Optional Optional Included VPN Failover Included Included Included Throughput rates will vary depending on environment and configuration *Edge Pro advanced appliance software includes WAN failover, support of multiple WANS, load balancing across multiple WANs, policy-based routing, and the maximum supported SSL VPN tunnels Features Security Features Stateful Packet Firewall Outbound Deep Application Inspection HTTP FTP POP3 Inbound Deep Application Inspection SMTP Protocol Anomaly Detection Pattern Matching Fragmented Packet Reassembly Protection Malformed Packet Protection Static Blocked Sources List VPN Encryption (DES, 3DES,AES) IPSec SHA-1, MD5 IKE - Pre-Shared Key, Firebox Certificate, 3rd Party Certificates (X.509) IPSec Passthrough Dead Peer Detection (RFC 3706) Hardware-based Encryption SSL Support PPTP Support (10 users) User Authentication XAUTH LDAP Windows Active Directory RADIUS Local Authentication Windows NT Windows 2000 Windows 2003 Single sign-on IP Address Assignment Static PPPoE Client DHCP Server, Client, Relay Redundancy Features WAN Failover** WAN Failover to Serial Modem** VPN Failover Traffic Management and Prioritization Policy-based Traffic Prioritization VPN Traffic Prioritization Full Marking Support Diffserv IP Services Quality of Service (4 Prioritization Queues) Interactive High Medium Low Outgoing Load Balancing** Advanced Networking Static NAT Dynamic NAT 1:1 NAT IPSec NAT Traversal Policy-based PAT (Port Address Translation) Up to 8 External IP Addresses Static Routes Dynamic DNS VoIP and Video Conferencing Support Modes of Operation Integrated 3-Port Switch (Layer 2) Routed Mode (Layer 3) Management Software Web GUI WatchGuard System Manager (WSM) v9.1 or higher Logging/Reporting WSM Security and Activity Reports Web-based Security Subscription Activity Reports Syslog WebTrends Compatible Reports (available to WSM users) HTML Reports (available to WSM users) Encrypted Log Channel Appliance Software v10 or higher Security Capabilities Guest Services b/g 3 Virtual Access Points (VAPs) WPA WPA2 WEP Certifications ICSA Labs Certified: IPSec West Coast Labs Checkmark Firewall Level 1, VPN, Web Filtering, Intrusion Prevention, Anti-Spam Support & Maintenance 1-Year Hardware Warranty Initial 90-Day or 1-Year LiveSecurity Service Subscription **Available with Edge Pro advanced appliance software upgrade for X10e, X10e-W, X20e, and X20e-W. Edge Pro comes with X55e and X55e-W models.
4 Firebox X Edge Dimensions and Power Appliance Dimensions (antennae extended) Packaging Dimensions Appliance Weight Total Weight WEEE Weight 7.4" x 6.5" x 1.4" (18.8 x 16.5 x 3.6 cm) 10.6" x 6.5" x 7.3" (26.9 x 16.5 x 18.5 cm) 13.3" x 11.9" x 4.4 (33.8 x 30.2 x 11.2 cm) 13.3" x 11.9" x 4.4 (33.8 x 30.2 x 11.2 cm) 1.8 lbs (0.8 Kg) 1.9 lbs (0.9 Kg) 3.3 lbs (1.5 Kg) 3.8 lbs (1.7 Kg) 2.0 lbs (0.9 Kg) 2.1 lbs (1.0 Kg) AC Power Power Consumption Rack Mountable Environmental VAC Autosensing U.S.: 12 Watts Rest of World: 172 Cal/min or 41 BTU/hr No Operating Temperature F (0 45 C) Non-operating Temperature F ( C) Operating Humidity 10-85% Non-operating Humidity 5-90% Non-condensing at 131 F (55 C) Non-operating Random Vibration Operating Mechanical Shock WEEE/RoHS Compliant 7-28 Hz to 0.01 G2 per Hz 20 G with 11 Msec duration 1/2 sine wave Yes Back Back Firebox X Edge Firebox X Edge Ready to Upgrade to Edge Pro? Edge Pro is an advanced appliance software upgrade* for the Firebox X10e, X10e-W, X20e, and X20e-W. Activated with a simple license key, Edge Pro delivers enhanced networking and security features. Load balancing increases reliability by ensuring traffic is distributed evenly across multiple ISP connections Policy-based routing allows preferential treatment to mission-critical services and applications WAN failover minimizes network downtime Edge Pro also automatically increases the number of SSL VPN tunnels to expand your secure remote access options. *Edge Pro is included with Edge X55e and X55e-W appliances. For more information on Firebox X Edge, visit One Solution, One License, One Great Price. Get everything you need for comprehensive unified threat management for your small business/remote office with the Firebox X Edge e-series UTM Bundle. An exceptional value, each package includes: Firebox X Edge e-series appliance Gateway AV/IPS (1 year) spamblocker (1 year) WebBlocker (1 year) LiveSecurity Service (1 year) From initial purchase through ongoing security management, the Firebox X Edge e-series UTM Bundle streamlines network security management while providing powerful network protection. Buy together and save! FREE! 30-day trials Get free 30-day trials of Gateway AntiVirus/IPS, spamblocker,and WebBlocker with the purchase of a Firebox X Edge. Contact your reseller for details. ADDRESS: 505 Fifth Avenue South, Suite 500, Seattle, WA WEB: U.S. SALES: INTERNATIONAL SALES: No express or implied warranties are provided for herein. All specifications are subject to change and any expected future products, features or functionality will be provided on an if and when available basis WatchGuard Technologies, Inc.All rights reserved. WatchGuard, the WatchGuard Logo, Firebox, LiveSecurity, Core, and Peak are either trademarks or registered trademarks of WatchGuard Technologies, Inc. in the United States and/or other countries. All other trademarks and tradenames are the property of their respective owners. Part No. WGCE66389_ IPSec Firewall Level 1 VPN Web Filtering Intrusion Prevention Anti-Spam
5 WatchGuard D ATASHEET WebBlocker An Integrated Security Subscription for the Firebox X More control over web content globally Control access to HTTP and HTTPS web sites Cost-effective web filtering Centralized policy enforcement and notification Flexible custom policies Passthrough authentication Centralized logging and reporting out of the box Daily incremental database updates Earth-friendly technology Boost Productivity, Reduce Liabilities, and Block Web Threats WebBlocker is an integrated security subscription that enhances the built-in, proactive zero day protection of the Firebox X. It lets you manage web access and content to give you control over your users' web surfing. By using the continually updated SurfControl database, WebBlocker blocks malicious sites to keep your network protected from risky web content such as spyware, and pharming and phishing sites. It can block access to web pages delivering streaming media, Peer-to-Peer (P2P), Instant Messaging (IM), and webmail capabilities. You can also use up to 54 web site categories to block content inappropriate in the workplace. WebBlocker conserves your network bandwidth, helps prevent legal liability, increases employee productivity, and protects against malicious attacks from rogue web sites. More Control Over Web Content Globally With WebBlocker, you have access to an automatically updated database containing over 14.4 million global sites including web sites in English, German, Spanish, French, Italian, Dutch, Japanese, and Traditional and Simplified Chinese. You can quickly select your web security policy from 54 content-type category filters. Allow or block access to entire web site categories with a simple mouse click. Easily create exception lists for trusted sites, or blacklist specific URLs or IP addresses. Cost-Effective Web Filtering Priced per appliance instead of per user, one WebBlocker subscription provides network-wide protection for all users configured behind your Firebox X. And because it s fully integrated with the Firebox X, there is no additional hardware to buy. Centralized Policy Enforcement and Notification WebBlocker s quick set-up wizard and object-based configuration tool make it easy to implement your web usage policies. Customizable notifications keep users informed and help them understand why certain content is restricted. On Firebox X Peak and Core appliances, and Firebox X Edge appliances on a Peak or Core network, WebBlocker is managed using the powerful WatchGuard System Manager (WSM). Stand-alone Firebox X Edge appliances use an intuitive web-based UI. Flexible Custom Policies WebBlocker enables you to configure: users web surfing Up to 54 web site categories to easily control your Web access by users, groups, and domains, and by time of day,* department requirements, or employee need Centralized Logging and Reporting Out of the Box With WebBlocker, you'll have the ability to track where your users are going, and when. By generating graphical reports of web access, attempted policy violations and Internet usage by time of day,* you'll get the data you need to make security policy and network bandwidth decisions. And unlike other solutions, these capabilities are all included with your Firebox X purchase. Daily Incremental Database Updates The SurfControl database is one of the world s largest global databases of web sites, updated daily to give you the most current and accurate protection available. Simply schedule your updates, and automatically receive the next incremental database changes. *Scheduling feature available on Firebox X Peak and Core. WatchGuard System Manager view of WebBlocker WebBlocker includes 54 content-type filters for flexible control. Access can be assigned by user, group, domain, department requirement, or employee need.
6 WebBlocker Security Subscriptions Boost Protection To enhance the built-in zero day attack prevention of the Firebox X, you can add security subscriptions for even greater levels of protection. Subscriptions are easy to enable on your Firebox X using a simple license key. That s it no extra hardware to buy! Along with WebBlocker, our suite of security subscriptions includes: Gateway AntiVirus/Intrusion Prevention Service with anti-spyware: Powerful signature-based scanning at the gateway stops known viruses, spyware, trojans, and other malware before they can enter your network. spamblocker with virus outbreak detection: The best in the industry at distinguishing legitimate communications from spam and virus outbreaks in real-time, blocking up to 97% of unwanted s. Blocks spam regardless of the language, format, or content of the message. These fully integrated security subscriptions are easy to deploy and manage on the Firebox X. Each is priced per appliance rather than per user, so one subscription provides network-wide protection for all users configured behind your Firebox X. FREE 30-day trials Get free 30-day trials of Gateway AntiVirus/Intrusion Prevention Service, spamblocker, and WebBlocker for your Firebox X Peak, Core, or Edge. Contact your reseller for details. WebBlocker One-Year Subscription Firebox X Peak TM Firebox X5500e Firebox X6500e Firebox X8500e Firebox X8500e-F Firebox X5000 Firebox X6000 Firebox X8000 Firebox X Core TM Firebox X550e Firebox X750e Firebox X1250e Firebox X500* Firebox X700* Firebox X1000* Firebox X2500* *Requires Fireware Pro advanced appliance software Firebox X Edge Firebox X10e or X10e-W Firebox X20e or X20e-W Firebox X55e or X55e-W Firebox X5 Firebox X15 Firebox X50 Firebox X5-w Firebox X15-w Firebox X50-w WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG WG UTM Bundle One Solution, One License, One Great Price Now everything you need for comprehensive unified threat management, including WatchGuard s ground-breaking LiveSecurity Service for expert guidance and support, is in one convenient package. An exceptional value, each bundle includes: Firebox X Core or Firebox X Edge security appliance spamblocker (1 year) Gateway AV/IPS (1 year) WebBlocker (1 year) LiveSecurity Service (1 year) Firebox X Core UTM Bundle Firebox X550e UTM Bundle Firebox X750e UTM Bundle Firebox X1250e UTM Bundle Firebox X Edge UTM Bundle Firebox X20e UTM Bundle Firebox X55e UTM Bundle Firebox X20e UTM Bundle North America Firebox X20e UTM Bundle International Firebox X20e UTM Bundle China Firebox X20e UTM Bundle Japan Firebox X55e UTM Bundle North America Firebox X55e UTM Bundle International Firebox X55e UTM Bundle China Firebox X55e UTM Bundle Japan WG50553 WG50753 WG51253 WG50026 WG50061 WG50027 WG50028 WG50029 WG50028-JP WG50062 WG50063 WG50064 WG50063-JP System Requirements Firebox X Peak or Core Appliance Software Fireware 10 System Requirements Firebox X Edge Appliance Software Edge v10 Administration Windows 2000, Windows NT, Windows XP, or Windows Vista to support WatchGuard System Manager Administration Windows 2000, Windows NT, Windows XP, or Windows Vista to support WatchGuard System Manager or web UI Support Active LiveSecurity Service subscription Support Active LiveSecurity Service subscription ADDRESS: 505 Fifth Avenue South, Suite 500, Seattle, WA WEB: U.S. SALES: INTERNATIONAL SALES: No express or implied warranties are provided for herein. All specifications are subject to change and any expected future products, features or functionality will be provided on an if and when available basis WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard Logo, Firebox, Fireware, LiveSecurity, Peak, and Core are either trademarks or registered trademarks of WatchGuard Technologies, Inc. in the United States and/or other countries. All other trademarks and tradenames are the property of their respective owners. Part No. WGCE66426_033108